UK government sets out tougher guidelines to protect smart cars from hackers

The British government issued new guidelines on Sunday requiring manufacturers of internet-connected vehicles to put in place tougher cyber protections to ensure they are better shielded against hackers.

The government said it was concerned that smart vehicles, which allow drivers to do things such as access maps and travel information, could be targeted by hackers to access personal data, steal cars that use keyless entry systems, or take control of technology for malicious reasons.

The new guidelines will also ensure that engineers seek to design out cyber security threats as they develop new vehicles, the government said. "Whether we're turning vehicles into wifi-connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks," Martin Callanan, a minister in the Department for Transport, said in a statement.

"Our key principles give advice on what organizations should do, from the board level down, as well as technical design and development considerations." The new guidelines include making the systems able to withstand receiving corrupt, invalid or malicious data or commands, and allowing users to delete personally identifiable data held on a vehicle's systems.

Manufacturers must make plans for how to maintain and support security over the lifetime of the vehicle, the government said, and personal accountability for product security should be held at board level. Alongside this, the government said it was also planning new legislation governing insurance for self-driving cars.

The introduction of self-driving cars has been hampered by legal hurdles in several countries as insurers and legislators try to establish who would ultimately be responsible in the event of an accident. "Measures to be put before parliament mean that insuring modern vehicles will provide protection for consumers if technologies fail," it said.